$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa File: 349778ec-dd5c-4e52-8440-4155573588c4.roa (raw, json) Hash identifier: 0ZXNzk9Ngs648U9fuCZv7cKry6dBSQZLyow4igGnRcA= Subject key identifier: 9B:28:13:2C:C9:77:6C:7B:CB:48:E5:25:99:7A:93:03:93:A7:D7:1F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3688A85053D309A002E27DD92DC69C2F2C45BD74 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa Signing time: Fri 20 Feb 2026 00:10:42 +0000 ROA not before: Fri 20 Feb 2026 00:10:42 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 00:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:88:a8:50:53:d3:09:a0:02:e2:7d:d9:2d:c6:9c:2f:2c:45:bd:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:42 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=4685a4db542923e9a0c0a5bce6dc0b102cbbb3f4fe2000bce102e2041486f39a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:f9:8d:eb:61:77:f1:c1:e2:7e:7d:d0:49:17: 80:3c:52:c6:60:68:6d:71:97:88:9a:b8:12:96:c7: a2:9e:91:91:53:72:ad:36:53:2d:0b:e2:e2:f3:81: 8a:05:e6:a2:53:12:a9:87:e7:c9:d5:fd:b6:8a:cb: 51:72:52:a7:13:de:3b:93:6b:21:c5:4f:04:27:89: 44:76:5c:31:9b:f6:94:05:26:73:f6:b7:6f:af:72: 09:b3:20:6a:d8:99:df:ba:50:42:47:b0:3c:3c:c4: 59:a2:40:cc:43:62:f9:61:bd:31:35:ce:c3:94:b9: a5:c5:d0:f2:21:b6:2c:9f:66:66:4c:1b:db:04:25: b6:72:46:17:ea:d0:15:bc:11:fb:63:ad:3a:9a:71: 98:ff:78:5b:20:da:7c:e1:5a:56:b0:db:78:f9:d2: f2:97:8d:75:ed:0f:87:9e:3a:79:da:e2:03:77:4e: c1:91:fa:77:aa:b1:ff:d7:58:3f:63:ce:21:fa:93: be:e0:8a:a5:d8:99:4f:07:cc:ea:0f:a5:ed:fc:43: 0b:56:f2:1a:45:6a:09:a0:28:97:4c:ce:34:71:c5: c8:7b:bd:8f:86:6d:c1:0b:02:d7:0c:6b:b8:b3:7a: b6:38:90:50:7f:f5:6d:9c:b9:ff:8c:d7:6d:6b:16: c6:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:28:13:2C:C9:77:6C:7B:CB:48:E5:25:99:7A:93:03:93:A7:D7:1F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 6b:63:c6:01:94:0d:d3:bb:d6:6c:85:66:fd:1b:c6:a2:20:cf: b9:23:6f:b7:fd:73:d2:69:5e:64:87:f3:1a:7f:82:f8:95:13: 9e:f6:c1:df:0a:61:32:7e:e2:50:eb:71:2e:11:62:a6:00:63: 76:3f:25:c5:9a:ad:8c:8d:72:bc:53:79:a4:65:19:f4:65:b3: 7b:b3:ea:b0:1b:7d:70:6a:48:48:98:97:47:98:6d:00:95:58: ee:d4:99:db:9f:bd:e0:0f:f4:68:d2:43:95:fe:47:50:21:dd: e3:64:85:25:63:d1:87:02:7d:30:c0:8a:81:85:fd:43:3a:72: 3c:06:b2:70:2b:03:17:1c:b7:99:26:55:3d:e9:a6:42:1c:27: 86:ff:7a:0f:08:d5:09:f0:1f:60:ba:04:7f:54:36:84:5a:04: ca:8b:d1:d4:c5:78:80:39:77:a7:a0:ce:40:9e:5f:cb:e5:c0: 5e:68:83:53:f2:8b:0c:e5:10:49:a2:2a:0a:dd:6f:d7:95:92: c4:28:fb:0d:6f:d2:6b:db:bc:20:40:f3:9b:ad:00:68:01:a4: e3:ff:76:ca:8a:72:0c:90:e3:87:22:17:c2:68:53:aa:b4:68: c1:4a:00:1c:8f:dc:1b:31:27:d9:89:ab:a8:9f:24:17:10:8f: 65:91:e8:97 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNoioUFPTCaAC4n3ZLcacLyxFvXQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTA0MloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNANDY4NWE0ZGI1NDI5MjNlOWEwYzBh NWJjZTZkYzBiMTAyY2JiYjNmNGZlMjAwMGJjZTEwMmUyMDQxNDg2ZjM5YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfmN62F38cHifn3QSReAPFLGYGht cZeImrgSlseinpGRU3KtNlMtC+Li84GKBeaiUxKph+fJ1f22istRclKnE947k2sh xU8EJ4lEdlwxm/aUBSZz9rdvr3IJsyBq2JnfulBCR7A8PMRZokDMQ2L5Yb0xNc7D lLmlxdDyIbYsn2ZmTBvbBCW2ckYX6tAVvBH7Y606mnGY/3hbINp84VpWsNt4+dLy l4117Q+Hnjp52uIDd07Bkfp3qrH/11g/Y84h+pO+4Iql2JlPB8zqD6Xt/EMLVvIa RWoJoCiXTM40ccXIe72Phm3BCwLXDGu4s3q2OJBQf/VtnLn/jNdtaxbGSQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJsoEyzJd2x7y0jlJZl6kwOTp9cfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM0OTc3OGVjLWRkNWMtNGU1Mi04NDQwLTQxNTU1NzM1ODhjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/+DAMA0GCSqGSIb3DQEBCwUAA4IBAQBrY8YBlA3Tu9ZshWb9 G8aiIM+5I2+3/XPSaV5kh/Maf4L4lROe9sHfCmEyfuJQ63EuEWKmAGN2PyXFmq2M jXK8U3mkZRn0ZbN7s+qwG31wakhImJdHmG0AlVju1Jnbn73gD/Ro0kOV/kdQId3j ZIUlY9GHAn0wwIqBhf1DOnI8BrJwKwMXHLeZJlU96aZCHCeG/3oPCNUJ8B9gugR/ VDaEWgTKi9HUxXiAOXenoM5Anl/L5cBeaINT8osM5RBJoioK3W/XlZLEKPsNb9Jr 27wgQPObrQBoAaTj/3bKinIMkOOHIhfCaFOqtGjBSgAcj9wbMSfZiauonyQXEI9l keiX -----END CERTIFICATE-----Generated at Sat Feb 21 16:24:38 2026 by rpki-client